Details | |
---|---|
Alert ID | 10106 |
Alert Type | Active |
Status | beta |
Risk | Medium |
CWE | 311 |
WASC | 4 |
Technologies Targeted | All |
Tags |
CWE-311 OWASP_2017_A06 OWASP_2021_A05 POLICY_QA_FULL WSTG-V42-CRYP-03 |
More Info |
Scan Rule Help |
Summary
The site is only served under HTTP and not HTTPS.
Solution
Configure your web or application server to use SSL (https).Other Info
There was no automatic redirection. ZAP attempted to connect via: https://example.comReferences
- https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
- https://letsencrypt.org/